Posted December 6, 2018 by Jeff B. CopelandIn a lead article on the Homeland Security Today website, A Game Plan to Identify, Protect Information Crown Jewels, RiskLens Co-Founder and Chief Risk Scientist Jack Jones has some advice for federal agencies required to identify and prioritize risk management on their “crown jewels”: Get a clearer picture on your high-value assets, then get an effective risk analysis model to guide your security investments.
Posted November 28, 2018 by Jeff B. CopelandA few pioneering boards are “taking the bold step of forming a full-fledged committee focused on cybersecurity,” the WSJ Pro Cybersecurity newsletter reports (subscribe to the newsletter to read the article).
Posted November 21, 2018 by Tim WynkoopI recently ran an analysis for a major bank that I think shows the power of both the FAIR Model for thinking through cybersecurity investment decisions and the power of the RiskLens CRQ platform for quickly running the numbers to support those decisions, often with surprising results.
Posted October 26, 2018 by Jeff B. CopelandIn a recent survey of board members by PwC, 82% said that cyber threats had moved from an IT issue to one that would drive overall strategic change for their companies. It’s an evolutionary change in board attitudes
Posted October 3, 2018 by David MusselwhiteQuantitative cyber risk analytics using FAIR is an inherently mathematical endeavor. Estimates for the factors of risk (like loss event frequency and loss magnitude) are expressed using probability distributions
Posted August 20, 2018 by Tim WynkoopI recently worked with a retail organization to run a FAIR analysis on an audit finding and settle a difference between the IT and Internal Audit teams. It’s a simple story but one that shows the power of quantitative risk analysis to get beyond guesswork and gut feelings
Posted August 1, 2018 by Bryan SmithHave you ever looked at the results in a RiskLens risk analysis and wondered what's the probability that a loss will hit the max? Or looked at the results and tried to answer how much risk you are comfortable with? If so the new Loss Exceedance Charts introduced in RiskLens 2.2.7 are your answer.
Posted July 12, 2018 by Cody WhelanA question I don’t hear from enough CIROs, CISOs and other cybersecurity and risk executives is, “what framework or model did we use to come up with these risk analysis results?" Considering how much effort, time and resources stem from a decision made on those results, this has always struck me as odd.
Posted July 10, 2018 by Taylor MazeHere's a quick look at the power of cyber risk analytics with the FAIR model and the RiskLens application to solve an everyday business problem. A RiskLens colleague and I recently helped a risk team in the information industry quantify the risk associated with a legacy server. In the process, the organization was also able to gain some important insights into their IT environment and cybersecurity risk management in general.
Posted June 28, 2018 by Jeff B. CopelandGive us 54 minutes for this recorded webinar right now and two of our most efficient explainers of cyber risk quantification will walk you through the driving forces that are revolutionizing the way that cyber risk is measured and managed.